769 matches found
Unspecified vulnerability in Linux kernel (CNVD-2024-39296)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly synchronizing the state of a network interface. No details of the vulnerability are provided at...
UBUNTU-CVE-2024-46766
In the Linux kernel, the following vulnerability has been resolved: ice: move netifqueuesetnapi to rtnl-protected sections Currently, netifqueuesetnapi is called from icevsirebuild that is not rtnl-locked when called from the reset. This creates the need to take the rtnllock just for a single...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly synchronizing the state of a network interface. No details of the vulnerability are provided at...
OESA-2024-2107 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ibmvnic: don't release napi in ibmvnicopen If ibmvnicopen encounters an error such as when setting link state, it calls releaseresources which frees the napi...
Moderate: containernetworking-plugins security update
The Container Network Interface CNI project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated...
The vulnerability of the rndis component in the Linux operating system’s kernel allows attackers to compromise the confidentiality, integrity, and accessibility of data.
The vulnerability of the rndis component in the Linux operating system’s kernel is related to improper blocking mechanisms. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of data...
The vulnerability of the SonicOS operating system’s network interface allows attackers to gain full access to the network interface.
The vulnerability of the SonicOS operating system’s network interface controllers related to SonicWall’s network interface controllers involves access control deficiencies. Exploiting this vulnerability allows a malicious actor to gain full access to the network interface controller...
CVE-2022-48910
The CVE-2022-48910 case concerns the Linux kernel IPv6 addrconf path: when NETDEV_DOWN is triggered for reasons other than actual interface down, repeated calls can leak one ifmcaddr6 per multicast group by leaking idev->mc_tomb. The fix is to ensure ipv6_mc_down() runs at most once per state ...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a possible memory leak due to a duplicate call to the ipv6mcdown function when IPv6 is enabled and disabled ...
CVE-2024-6788
A remote unauthenticated attacker can use the firmware update feature on the LAN interface of the device to reset the password for the predefined, low-privileged user “user-app” to the default password...
PT-2024-7101 · Phoenix Contact · Phoenix Contact Charx Sec-3000
Name of the Vulnerable Software and Affected Versions: Phoenix Contact CHARX SEC-3000 versions up to 1.6.2 Description: A remote unauthenticated attacker can use the firmware update feature on the LAN interface of the device to reset the password for the predefined, low-privileged user user-app t...
Siemens Omnivise T3000 Application Server Input Validation Improperity Vulnerability
The Omnivise T3000 is a distributed control system for fossil fuel and large renewable energy power plants. An improper input validation vulnerability exists in the Siemens Omnivise T3000 Application Server due to an affected system exposing an internal application port on a public network...
kernel: s390/qeth: Fix kernel panic after setting hsuid
In the Linux kernel, the following vulnerability has been resolved: s390/qeth: Fix kernel panic after setting hsuid Symptom: When the hsuid attribute is set for the first time on an IQD Layer3 device while the corresponding network interface is already UP, the kernel will try to execute a napi...
kernel: ionic: fix use after netif_napi_del()
A vulnerability was found in the Linux kernel's Ionic driver in the ionicqcqenable function, where the issue arises when the driver fails to reset the .poll pointer to NULL after a queue is unregistered via netifnapidel, leading to a use-after-free scenario when attempting to enable a previously...
SUSE CVE-2024-42162
In the Linux kernel, the following vulnerability has been resolved: gve: Account for stopped queues when reading NIC stats We now account for the fact that the NIC might send us stats for a subset of queues. Without this change, gvegetethtoolstats might make an invalid access on the...
CVE-2024-38879
A vulnerability has been identified in Omnivise T3000 Application Server R9.2 All versions, Omnivise T3000 R8.2 SP3 All versions, Omnivise T3000 R8.2 SP4 All versions. The affected system exposes the port of an internal application on the public network interface allowing an attacker to circumven...
Unspecified vulnerability in Linux kernel (CNVD-2024-35103)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to account for the possibility that the NIC may only send statistics for some queues when reading...
Siemens Omnivise T3000 输入验证错误漏洞
The Omnivise T3000 is a distributed control system for fossil fuel and large renewable energy power plants. An improper input validation vulnerability exists in the Siemens Omnivise T3000 Application Server due to an affected system exposing an internal application port on a public network...
UBUNTU-CVE-2024-42162
In the Linux kernel, the following vulnerability has been resolved: gve: Account for stopped queues when reading NIC stats We now account for the fact that the NIC might send us stats for a subset of queues. Without this change, gvegetethtoolstats might make an invalid access on the...
Important: Red Hat Security Advisory: containernetworking-plugins security update
An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...